23
* struct hostapd_radius_server - RADIUS server information for RADIUS client
25
* This structure contains information about a RADIUS server. The values are
26
* mainly for MIB information. The MIB variable prefix (radiusAuth or
27
* radiusAcc) depends on whether this is an authentication or accounting
30
* radiusAuthClientPendingRequests (or radiusAccClientPendingRequests) is the
31
* number struct radius_client_data::msgs for matching msg_type.
22
33
struct hostapd_radius_server {
23
/* MIB prefix for shared variables:
24
* @ = radiusAuth or radiusAcc depending on the type of the server */
25
struct hostapd_ip_addr addr; /* @ServerAddress */
26
int port; /* @ClientServerPortNumber */
35
* addr - radiusAuthServerAddress or radiusAccServerAddress
37
struct hostapd_ip_addr addr;
40
* port - radiusAuthClientServerPortNumber or radiusAccClientServerPortNumber
45
* shared_secret - Shared secret for authenticating RADIUS messages
50
* shared_secret_len - Length of shared_secret in octets
28
52
size_t shared_secret_len;
30
54
/* Dynamic (not from configuration file) MIB data */
31
int index; /* @ServerIndex */
32
int round_trip_time; /* @ClientRoundTripTime; in hundredths of a
34
u32 requests; /* @Client{Access,}Requests */
35
u32 retransmissions; /* @Client{Access,}Retransmissions */
36
u32 access_accepts; /* radiusAuthClientAccessAccepts */
37
u32 access_rejects; /* radiusAuthClientAccessRejects */
38
u32 access_challenges; /* radiusAuthClientAccessChallenges */
39
u32 responses; /* radiusAccClientResponses */
40
u32 malformed_responses; /* @ClientMalformed{Access,}Responses */
41
u32 bad_authenticators; /* @ClientBadAuthenticators */
42
u32 timeouts; /* @ClientTimeouts */
43
u32 unknown_types; /* @ClientUnknownTypes */
44
u32 packets_dropped; /* @ClientPacketsDropped */
45
/* @ClientPendingRequests: length of hapd->radius->msgs for matching
57
* index - radiusAuthServerIndex or radiusAccServerIndex
62
* round_trip_time - radiusAuthClientRoundTripTime or radiusAccClientRoundTripTime
63
* Round-trip time in hundredths of a second.
68
* requests - radiusAuthClientAccessRequests or radiusAccClientRequests
73
* retransmissions - radiusAuthClientAccessRetransmissions or radiusAccClientRetransmissions
78
* access_accepts - radiusAuthClientAccessAccepts
83
* access_rejects - radiusAuthClientAccessRejects
88
* access_challenges - radiusAuthClientAccessChallenges
90
u32 access_challenges;
93
* responses - radiusAccClientResponses
98
* malformed_responses - radiusAuthClientMalformedAccessResponses or radiusAccClientMalformedResponses
100
u32 malformed_responses;
103
* bad_authenticators - radiusAuthClientBadAuthenticators or radiusAccClientBadAuthenticators
105
u32 bad_authenticators;
108
* timeouts - radiusAuthClientTimeouts or radiusAccClientTimeouts
113
* unknown_types - radiusAuthClientUnknownTypes or radiusAccClientUnknownTypes
118
* packets_dropped - radiusAuthClientPacketsDropped or radiusAccClientPacketsDropped
124
* struct hostapd_radius_servers - RADIUS servers for RADIUS client
49
126
struct hostapd_radius_servers {
50
/* RADIUS Authentication and Accounting servers in priority order */
51
struct hostapd_radius_server *auth_servers, *auth_server;
128
* auth_servers - RADIUS Authentication servers in priority order
130
struct hostapd_radius_server *auth_servers;
133
* num_auth_servers - Number of auth_servers entries
52
135
int num_auth_servers;
53
struct hostapd_radius_server *acct_servers, *acct_server;
138
* auth_server - The current Authentication server
140
struct hostapd_radius_server *auth_server;
143
* acct_servers - RADIUS Accounting servers in priority order
145
struct hostapd_radius_server *acct_servers;
148
* num_acct_servers - Number of acct_servers entries
54
150
int num_acct_servers;
153
* acct_server - The current Accounting server
155
struct hostapd_radius_server *acct_server;
158
* retry_primary_interval - Retry interval for trying primary server
160
* This specifies a retry interval in sexconds for trying to return to
161
* the primary RADIUS server. RADIUS client code will automatically try
162
* to use the next server when the current server is not replying to
163
* requests. If this interval is set (non-zero), the primary server
164
* will be retried after the specified number of seconds has passed
165
* even if the current used secondary server is still working.
56
167
int retry_primary_interval;
57
int acct_interim_interval;
170
* msg_dumps - Whether RADIUS message details are shown in stdout
175
* client_addr - Client (local) address to use if force_client_addr
61
177
struct hostapd_ip_addr client_addr;
180
* force_client_addr - Whether to force client (local) address
62
182
int force_client_addr;
187
* RadiusType - RADIUS server type for RADIUS client
191
* RADIUS authentication
196
* RADIUS_ACCT - RADIUS accounting
69
RADIUS_ACCT_INTERIM /* used only with radius_client_send(); just like
70
* RADIUS_ACCT, but removes any pending interim
71
* RADIUS Accounting packages for the same STA
72
* before sending the new interim update */
201
* RADIUS_ACCT_INTERIM - RADIUS interim accounting message
203
* Used only with radius_client_send(). This behaves just like
204
* RADIUS_ACCT, but removes any pending interim RADIUS Accounting
205
* messages for the same STA before sending the new interim update.
211
* RadiusRxResult - RADIUS client RX handler result
215
* RADIUS_RX_PROCESSED - Message processed
217
* This stops handler calls and frees the message.
76
219
RADIUS_RX_PROCESSED,
222
* RADIUS_RX_QUEUED - Message has been queued
224
* This stops handler calls, but does not free the message; the handler
225
* that returned this is responsible for eventually freeing the
231
* RADIUS_RX_UNKNOWN - Message is not for this handler
78
233
RADIUS_RX_UNKNOWN,
236
* RADIUS_RX_INVALID_AUTHENTICATOR - Message has invalid Authenticator
79
238
RADIUS_RX_INVALID_AUTHENTICATOR
92
251
struct radius_msg *msg,
93
252
RadiusType msg_type, const u8 *addr);
94
253
u8 radius_client_get_id(struct radius_client_data *radius);
96
254
void radius_client_flush(struct radius_client_data *radius, int only_auth);
97
255
struct radius_client_data *
98
256
radius_client_init(void *ctx, struct hostapd_radius_servers *conf);
99
257
void radius_client_deinit(struct radius_client_data *radius);
100
void radius_client_flush_auth(struct radius_client_data *radius, u8 *addr);
258
void radius_client_flush_auth(struct radius_client_data *radius,
101
260
int radius_client_get_mib(struct radius_client_data *radius, char *buf,
103
struct radius_client_data *
104
radius_client_reconfig(struct radius_client_data *old, void *ctx,
105
struct hostapd_radius_servers *oldconf,
106
struct hostapd_radius_servers *newconf);
108
263
#endif /* RADIUS_CLIENT_H */